How To Manage Software Risk During Mergers and Acquisitions

Jul 17, 2018 by Lev Lesokhin

Once the dealmakers ink a merger or acquisition agreement, the work of IT leadership begins. To keep software risk low during IT integration, the CIO, COO and other executive stakeholders must communicate effectively on features and functionality that are desired for future growth while analyzing the “new” software’s capacity to mesh well with the organization’s existing DNA.

Mark Uhrmacher, SVP of Technology at Hearst Business Media, has masterminded scores of integrations for one of world’s best-known international media organizations. “Hearst has 375 entities and we’re constantly looking to add to the family,” he explains. “That means quite a bit of M&A, and with it a lot of post-merger integration.”

Software Intelligence_Hearst Business Media_Due Diligence

In these scenarios, it’s mandatory for Uhrmacher and his IT colleagues to understand the functionality and overall health of incoming technology assets. Software Intelligence provides a much deeper level of detail than is typically available in the merger and acquisition due diligence process.

See legacy assets more clearly

Software Intelligence can help accelerate the merging of IT systems. In many cases, incoming legacy assets are poorly documented. But with enhanced visibility thanks to features such as interactive blueprints, IT leadership can gain valuable insights before and during integration activities.

These enhanced views and analyses help in accelerating the transformation process, while reducing software risk and increasing accuracy. Armed with a greater understanding of legacy systems, the IT team can prioritize and manage their legacy modernization tasks.

“Thanks to Software Intelligence, we often learn about applications that are too small for anyone to bring up in conversation.” The acquiring company, says Uhrmacher, benefits from a much firmer grasp of software performance and quality characteristics; its IT leaders can make more informed integration or sunset decisions.

Ensure a more agile IT modernization

Many organizations are starting to take an agile approach to legacy software integration. These firms can now count on Software Intelligence to help them ensure code quality by uncovering hard-to-find defects in the developed code, while also identifying security risks. And if the code is unreliable, a business can be saddled with increased technical debt, compliance issues and potential system-wide failures.

When you’re dealing with risky, compromised applications that have been ignored for possibly decades, you also need to manage costs. Uhrmacher manages this challenge, he explains, by using Software Intelligence solutions. “It’s like eating the elephant one bit at a time.”

You could look at a company’s financial statement, or you could “look at every invoice coming in,” says Uhrmacher, summing up the benefits of Software Intelligence and its ability to drill down and provide granular results. It’s this kind of technology empowerment that will help him integrate another 375 entities into the Hearst Business Media family—one line of code at a time.

Filed in: IT Leadership Risk & Security
Tagged: CIO Risk Management IT leadership M&A M&A due diligence Software Intelligence software risk Software Risk Management
Get the Pulse Newsletter Sign up for the latest Software Intelligence news Subscribe Now <>
Open source is part of almost every software capability we use today. At the very least libraries, frameworks or databases that get used in mission critical IT systems. In some cases entire systems being build on top of open source foundations. Since we have been benchmarking IT software for years, we thought we would set our sights on some of the most commonly used open source software (OSS) projects. Software Intelligence Report <> Papers
In our 29-criteria evaluation of the static application security testing (SAST) market, we identified the 10 most significant vendors — CAST, CA Veracode, Checkmarx, IBM, Micro Focus, Parasoft, Rogue Wave Software, SiteLock, SonarSource, and Synopsys — and researched, analyzed, and scored them. This report shows how each measures up and helps security professionals make the right choice. Forrester Wave: Static Application Security Testing, Q4 2017 Analyst Paper
Making sense of cloud transitions for financial and telecoms firms Cloud migration 2.0: shifting priorities for application modernization in 2019 Research Report
Lev Lesokhin
Lev Lesokhin EVP, Strategy and Analytics at CAST
Lev spends his time investigating and communicating ways that software analysis and measurement can improve the lives of apps dev professionals. He is always ready to listen to customer feedback and to hear from IT practitioners about their software development and management challenges. Lev helps set market & product strategy for CAST and occasionally writes about his perspective on business technology in this blog and other media.
More Posts from Lev >>
Load more reviews
Thank you for the review! Your review must be approved first
Rating
New code

You've already submitted a review for this item

|

Get a Demo    •    Contact Us    •     Support    •     The Software Intelligence Pulse    •     Privacy Policy    •     SiteMap    •     Glossary    •     Archive

Copyright 2019 - CAST | All Rights Reserved